CVE-2021-40529

Name
CVE-2021-40529
Description
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1
MISC https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2
MISC https://github.com/randombit/botan/pull/2790
MISC https://eprint.iacr.org/2021/923

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:* botan >= None <= 2.18.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
botan 3.13-main 2.11.0-r6 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
botan 3.12-main 2.11.0-r6 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
botan 3.11-main 2.11.0-r4 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
botan 3.14-main 2.17.3-r3 Natanael Copa <ncopa@alpinelinux.org> fixed
botan edge-main 2.18.1-r4 Natanael Copa <ncopa@alpinelinux.org> fixed